www.ndtnetworking.com Open in urlscan Pro
192.223.10.25  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://www.ndtnetworking.com/voicemail/7V7J6CQPTV76GQ/validation?vm=76AG1212-574954. Page URL
2. http://www.ndtnetworking.com/index2.jspx?/voicemail/7V7J6CQPTV76GQ/validation&vm=76AG1212-574954. Page URL
3. https://www.xlvut12po99xdpqw.com/cc-index.jspx Page URL
4. http://www.ndtnetworking.com/badphish_notice.jspx?ident=7V7J6CQPTV76GQ&oto=99566A017833E328057CFA1BC85CC1F74800763B Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	validation www.ndtnetworking.com/voicemail/7V7J6CQPTV76GQ/	162 B 479 B	343ms 102ms	Document text/html	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL http://www.ndtnetworking.com/voicemail/7V7J6CQPTV76GQ/validation?vm=76AG1212-574954. Protocol HTTP/1.1 Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 162 Content-Type text/html Date Fri, 10 Nov 2023 19:25:20 GMT ETag "a2-5f73267a7745b" Keep-Alive timeout=5, max=100 Last-Modified Sat, 18 Mar 2023 20:19:03 GMT Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46
GET H/1.1	200 OK	index2.jspx Show response www.ndtnetworking.com/	603 B 655 B	114ms 113ms	Document text/html	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL http://www.ndtnetworking.com/index2.jspx?/voicemail/7V7J6CQPTV76GQ/validation&vm=76AG1212-574954. Requested by Host: www.ndtnetworking.com URL: http://www.ndtnetworking.com/voicemail/7V7J6CQPTV76GQ/validation?vm=76AG1212-574954. Protocol HTTP/1.1 Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash 6da7a275df4dead44d791ef36903afa1997dd6e95881bdb39d4550b0dcd70711 Request headers Referer http://www.ndtnetworking.com/voicemail/7V7J6CQPTV76GQ/validation?vm=76AG1212-574954. Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Fri, 10 Nov 2023 19:25:20 GMT Keep-Alive timeout=5, max=99 Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	jquery-1.6-v2.js Show response www.stickleyonsecurity.com/js/	403 KB 106 KB	665ms 114ms	Script application/javascript	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL https://www.stickleyonsecurity.com/js/jquery-1.6-v2.js Requested by Host: www.ndtnetworking.com URL: http://www.ndtnetworking.com/index2.jspx?/voicemail/7V7J6CQPTV76GQ/validation&vm=76AG1212-574954. Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash dc07c71a852f1a075ce4f1a3c82608d541b8f453161e6926ef28dde572410787 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer http://www.ndtnetworking.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Fri, 10 Nov 2023 19:25:21 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip Last-Modified Tue, 04 Jan 2022 15:54:44 GMT Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 ETag "64d87-5d4c3a7e3f900-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
POST H/1.1	200 OK	cc-index.jspx Show response www.xlvut12po99xdpqw.com/	7 KB 3 KB	445ms 116ms	Document text/html	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL https://www.xlvut12po99xdpqw.com/cc-index.jspx Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash c1ce464a00bf3cef530b2889480e220d8e121ceb95c13639f5c7c68ba2cd5822 Request headers Content-Type application/x-www-form-urlencoded Origin http://www.ndtnetworking.com Referer http://www.ndtnetworking.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Fri, 10 Nov 2023 19:25:22 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	jquery-compressed.js Show response www.stickleyonsecurity.com/js/	86 KB 30 KB	117ms 108ms	Script application/javascript	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL https://www.stickleyonsecurity.com/js/jquery-compressed.js Requested by Host: www.xlvut12po99xdpqw.com URL: https://www.xlvut12po99xdpqw.com/cc-index.jspx Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.xlvut12po99xdpqw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Fri, 10 Nov 2023 19:25:22 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip Last-Modified Wed, 26 Aug 2020 17:07:05 GMT Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 ETag "15851-5adcad9586040-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 30677
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	56ms 10ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: www.xlvut12po99xdpqw.com URL: https://www.xlvut12po99xdpqw.com/cc-index.jspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.xlvut12po99xdpqw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 10:16:48 GMT content-encoding gzip x-content-type-options nosniff age 119314 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 08 Nov 2024 10:16:48 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	1 KB 1 KB	67ms 32ms	Script text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted Requested by Host: www.xlvut12po99xdpqw.com URL: https://www.xlvut12po99xdpqw.com/cc-index.jspx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a7f91f46fc6bc247bf1bd5ab1870c9f87f44dbd3c2ad765102f63bb1e6290755 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.xlvut12po99xdpqw.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 19:25:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 10 Nov 2023 19:25:22 GMT
GET H/1.1	200 OK	badphish-logo-lantern2.png www.xlvut12po99xdpqw.com/images/	238 KB 238 KB	106ms 102ms	Image image/png	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Show image Full URL https://www.xlvut12po99xdpqw.com/images/badphish-logo-lantern2.png Requested by Host: www.xlvut12po99xdpqw.com URL: https://www.xlvut12po99xdpqw.com/cc-index.jspx Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash fb5a0aa1ead4b42aeabafe089ce9c3aa03e45eef43f2b629f8f2dfea2a1e3a6f Request headers accept-language de-DE,de;q=0.9 Referer https://www.xlvut12po99xdpqw.com/cc-index.jspx User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Fri, 10 Nov 2023 19:25:22 GMT Last-Modified Wed, 18 Nov 2015 18:20:12 GMT Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 ETag "3b71b-524d4b16e0f00" Content-Type image/png Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 243483 Expires Tue, 09 Jan 2024 19:25:22 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/	470 KB 189 KB	53ms 10ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.xlvut12po99xdpqw.com/ Origin https://www.xlvut12po99xdpqw.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 17:09:05 GMT content-encoding gzip x-content-type-options nosniff age 8177 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192495 x-xss-protection 0 last-modified Mon, 06 Nov 2023 03:03:27 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 09 Nov 2024 17:09:05 GMT
GET H2	200	anchor Show response www.google.com/recaptcha/api2/ Frame 97ED	60 KB 34 KB	44ms 42ms	Document text/html	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3f33b6da6b31351ec06c87cfda45790165db58505e62d8da76b8138375052ac7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-T12YHsVdSncGSAmFbXomRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.xlvut12po99xdpqw.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-T12YHsVdSncGSAmFbXomRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 10 Nov 2023 19:25:22 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 97ED	55 KB 24 KB	24ms 7ms	Stylesheet text/css	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 17:37:04 GMT content-encoding gzip x-content-type-options nosniff age 6498 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24606 x-xss-protection 0 last-modified Mon, 06 Nov 2023 03:03:27 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 09 Nov 2024 17:37:04 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ Frame 97ED	470 KB 188 KB	22ms 12ms	Script text/javascript	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 17:09:05 GMT content-encoding gzip x-content-type-options nosniff age 8177 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 192495 x-xss-protection 0 last-modified Mon, 06 Nov 2023 03:03:27 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 09 Nov 2024 17:09:05 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 97ED	2 KB 2 KB	8ms 8ms	Image image/png	2a00:1450:4001:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Thu, 09 Nov 2023 15:15:26 GMT x-content-type-options nosniff age 101396 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Thu, 16 Nov 2023 15:15:26 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 97ED	15 KB 15 KB	32ms 9ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 03:12:15 GMT x-content-type-options nosniff age 58387 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 09 Nov 2024 03:12:15 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 97ED	15 KB 16 KB	30ms 7ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Wed, 08 Nov 2023 21:01:27 GMT x-content-type-options nosniff age 167035 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 07 Nov 2024 21:01:27 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 97ED	102 B 135 B	17ms 16ms	Other text/javascript	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Fri, 10 Nov 2023 19:25:22 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 10 Nov 2023 19:25:22 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 97ED	34 KB 20 KB	69ms 69ms	XHR application/json	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 838d84f03965db744361a03e7b692e14e0a88bb502fa236c088a561764fb3fc7 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LepteEUAAAAAJwgAAo1eqAlarlFFpeO1O36hted&co=aHR0cHM6Ly93d3cueGx2dXQxMnBvOTl4ZHBxdy5jb206NDQz&hl=de&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&cb=182egjm10a2c accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type application/x-protobuffer Response headers date Fri, 10 Nov 2023 19:25:23 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Fri, 10 Nov 2023 19:25:23 GMT
POST H/1.1	200 OK	bp_end.jspx www.xlvut12po99xdpqw.com/	0 323 B	232ms 231ms	XHR text/html	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL https://www.xlvut12po99xdpqw.com/bp_end.jspx Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash Request headers Accept */* Referer https://www.xlvut12po99xdpqw.com/cc-index.jspx X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Fri, 10 Nov 2023 19:25:23 GMT Content-Encoding gzip Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/html;charset=UTF-8 Connection Keep-Alive Keep-Alive timeout=5, max=98
GET H/1.1	200 OK	Primary Request badphish_notice.jspx Show response www.ndtnetworking.com/	5 KB 2 KB	108ms 108ms	Document text/html	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Full URL http://www.ndtnetworking.com/badphish_notice.jspx?ident=7V7J6CQPTV76GQ&oto=99566A017833E328057CFA1BC85CC1F74800763B Requested by Host: www.xlvut12po99xdpqw.com URL: https://www.xlvut12po99xdpqw.com/cc-index.jspx Protocol HTTP/1.1 Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash cb9ea3945baafca99fda7c9ccba732f3fd1bdda5ea268c7f50ca5877229da303 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Fri, 10 Nov 2023 19:25:23 GMT Keep-Alive timeout=5, max=98 Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	badphish-logo-lantern2.png www.ndtnetworking.com/images/	238 KB 238 KB	102ms 101ms	Image image/png	192.223.10.25 PERFORMIVE
General Check archive.org Show headers Download Go to Show image Full URL http://www.ndtnetworking.com/images/badphish-logo-lantern2.png Requested by Host: www.ndtnetworking.com URL: http://www.ndtnetworking.com/badphish_notice.jspx?ident=7V7J6CQPTV76GQ&oto=99566A017833E328057CFA1BC85CC1F74800763B Protocol HTTP/1.1 Server 192.223.10.25 Atlanta, United States, ASN46562 (PERFORMIVE, US), Reverse DNS Software Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 / Resource Hash fb5a0aa1ead4b42aeabafe089ce9c3aa03e45eef43f2b629f8f2dfea2a1e3a6f Request headers accept-language de-DE,de;q=0.9 Referer http://www.ndtnetworking.com/badphish_notice.jspx?ident=7V7J6CQPTV76GQ&oto=99566A017833E328057CFA1BC85CC1F74800763B User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Fri, 10 Nov 2023 19:25:23 GMT Last-Modified Wed, 18 Nov 2015 18:20:12 GMT Server Apache/2.4.56 (Unix) OpenSSL/3.0.1 mod_jk/1.2.46 ETag "3b71b-524d4b16e0f00" Content-Type image/png Cache-Control max-age=5184000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 243483 Expires Tue, 09 Jan 2024 19:25:23 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 20:26:36	Name: _GRECAPTCHA Value: 09AK-LSi8fbougmUJR59LDA-Ikz5pxm7VDAEKh3YVO3PGDcfv1ad5glfhwAJeFs_WR1RC1qBn-0pjQh8-KxLx2ANU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.ndtnetworking.com/voicemail/7V7J6CQPTV76GQ/validation?vm=76AG1212-574954. Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.gstatic.com
www.google.com
www.gstatic.com
www.ndtnetworking.com
www.stickleyonsecurity.com
www.xlvut12po99xdpqw.com
192.223.10.25
2a00:1450:4001:808::2003
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3772767ff67487697ff10935d55de63df2c7ee53435326b45577f86819e84c71
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f33b6da6b31351ec06c87cfda45790165db58505e62d8da76b8138375052ac7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6da7a275df4dead44d791ef36903afa1997dd6e95881bdb39d4550b0dcd70711
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7da2c78aebbd6e2db645e5b97424ed43196e116ef824980565996bdc513550a5
838d84f03965db744361a03e7b692e14e0a88bb502fa236c088a561764fb3fc7
a7f91f46fc6bc247bf1bd5ab1870c9f87f44dbd3c2ad765102f63bb1e6290755
c1ce464a00bf3cef530b2889480e220d8e121ceb95c13639f5c7c68ba2cd5822
cb9ea3945baafca99fda7c9ccba732f3fd1bdda5ea268c7f50ca5877229da303
dc07c71a852f1a075ce4f1a3c82608d541b8f453161e6926ef28dde572410787
fb5a0aa1ead4b42aeabafe089ce9c3aa03e45eef43f2b629f8f2dfea2a1e3a6f